DSA Data Breach Affects 3,239 Individuals Exposing PHI and PII

Data Systems Analysts, Inc. (DSA), an information technology and services provider, recently experienced a data breach that has affected thousands of individuals across the United States.

On Sept. 11, 2025, DSA detected unauthorized access to its network by a third party. The breach was discovered after suspicious activity was identified, prompting the company to secure its systems and launch a forensic investigation.

The investigation revealed that personal information stored in network locations was accessed without authorization. According to disclosures filed with state authorities, the exposed information includes names, Social Security numbers, dates of birth, financial account details (such as account numbers and credit or debit card numbers), medical information, and health insurance information.

In total, the breach affected 3,239 individuals in the United States. The impact varied by state, with 392 Texas residents, three Maine residents, and 12 Massachusetts residents confirmed as affected.

The breach was reported to the Maine Attorney General, the Massachusetts Office of Consumer Affairs and Business Regulation, and the Texas Attorney General. Impacted individuals began receiving notification letters by U.S. mail on Feb. 6, 2026.

Data Systems Analysts' response

To support those affected, DSA is offering complimentary credit monitoring and identity restoration services through Experian. Impacted individuals can enroll in either 12 or 24 months of single bureau credit monitoring at no cost, depending on the notification they received. These services include alerts for any changes to credit files and access to fraud assistance and remediation specialists.

DSA encourages all affected individuals to remain vigilant by monitoring their financial accounts, reviewing credit reports, and considering placing fraud alerts or security freezes with the major credit bureaus.

Additional guidance, including steps to obtain an Identity Protection PIN from the IRS and information on consumer rights under the Fair Credit Reporting Act, is provided in the notification letters.